ATLANTA — Weeks before Atlanta was hit by a cyberattack crippling computers in several departments, a state agency in Colorado was already dealing with its second attack in mere days.
The Colorado Department of Transportation was the victim of a ransomware attack. And then, on March 1, they were hit by a variant of the exact same kind of digital nightmare – again.
Now, Atlanta has been hit hard by the same kind of attack, and it’s still recovering almost a week later.
William Hatcher with Augusta University said there are at least some ways cities like Atlanta can prevent themselves from being fooled twice.
Hatcher is the director of the MPA program at Augusta University and an associate professor of political science and he was quick to point out why governments are such tempting targets for hackers.
“Governments are vulnerable because they house a lot of data on citizens,” he said. “Especially larger governments that have online bill payment where you can pay your taxes online – they’re going to have financial data on citizens, property data on citizens, criminal justice data on citizens.”
After being reactive to the attack, proactivity is key – and that means having knowledge in-house of what makes these attacks possible.
“They can make sure they have experts who work in the government for cities,” he said. “In IT and security, make sure they partner with nonprofits and research organizations that are familiar with cybersecurity and how to provide cybersecurity.”
He said working with private companies with knowledge of digital protection is also a strong choice.
Hatcher said it’s a big challenge for large cities to protect against outside digital attacks. But it’s an even bigger challenge for smaller towns.
“You have a town with $10,000 people, they’re doing their best to provide basic services such as police and fire that it’s hard to provide the expertise,” he said. “It’s really expensive to hire cybersecurity.”
So, for small and medium-size communities, he recommended partnering with outside agencies where possible. It’s also going to take locals realizing that the convenience of online services has a cost attacked to it.
“If they want things like online bill payment and be able to pay their taxes online they have to be willing to pay for the cybersecurity professionals to help local governments keep that data secure,” Hatcher said.
It will also take the help of auditors, like Amanda Noble, to make sure city infrastructure stays up-to-date to fend off attacks.
"The contractor we hired to do this audit talked about the threat level expanding just since this summer. We are trained to look at the phishing emails and they come through all the time," Noble said. "We made a list of 23 recommendations and we will continue to follow up as they implement those."
Noble said they will also look into the City's policies and procedures to make sure certain standards are in place.
On Wednesday afternoon, the city launched an online Information-Hub on its website to share the latest updates surrounding operations and the ransomware cyberattack.
According to officials, residents will be able to find the latest updates on the state of recovery, the status of government offices and services impacted by the attack and instructions for residents looking to access city services. The site also features frequently asked questions.